🧠 The Deep, Yet Dumb-Proof Guide to Azure Storage
🧱 What Is Azure Storage (And Why Should You Care)?
Let’s start simple.
Imagine you own a bakery. You’ve got recipes (text files), security camera footage (videos), invoices (PDFs), and employee info (spreadsheets).
You want to:
- Keep them safe 🔐
- Access them from anywhere 🌍
- Share them with others securely ✉️
- Automatically back them up 🔁
Azure Storage is Microsoft’s way of giving you all that — but in the cloud. It’s like renting a virtual storage warehouse, and it’s more powerful and flexible than any USB stick, Google Drive, or hard disk.
💡 What Can You Store in Azure?
There are 4 major types of storage:
| Storage Type | Think of it like… | Used For |
|---|---|---|
| Blob | A cloud Dropbox | Any file: images, videos, backups |
| File | Network drive | File shares for apps or teams |
| Queue | Messaging box | App messages (like: “new order arrived!”) |
| Table | Spreadsheet | Quick-access key-value data |
For AZ-104, Blob and File are the two main ones.
🔐 Azure Storage Account – Your Personal Cloud Vault
Before using storage, you first need to create a Storage Account. Think of it like buying a plot of land where you’ll build your warehouse.
This account acts as the container of containers:
- It defines where your data lives (region)
- What kind of redundancy and backup you want
- What kind of encryption you’ll use
- Who gets access and how
🛠️ How to Create One:
-
Go to the Azure Portal
-
Search for “Storage Accounts”
-
Click Create
-
Fill in:
- Name (must be globally unique)
- Region (e.g., East US)
- Performance (Standard or Premium)
- Redundancy (LRS, GRS, etc.)
-
Click Review + Create
🗂️ Blob Storage – Store Any File in the Cloud
Blob = Binary Large Object → any kind of file: image, video, doc, zip, etc.
Analogy: Blob storage is like a public library’s archive:
- The library building = storage account
- Book shelves = containers
- Books = blobs (files)
Types of Blobs:
- Block blobs = normal files (most common)
- Append blobs = files you only ever add to (e.g. logs)
- Page blobs = used by virtual machines (for VHDs)
🛠️ How to Use:
- In your storage account, click Containers
- Create a container (e.g.,
images) - Click it and click Upload
- Choose any file (e.g., image.jpg)
- Done — you now have cloud storage!
🔐 Controlling Access – Who Can See What?
You don’t want just anyone accessing your cloud vault. Azure gives you 3 major ways to control access.
1. Access Keys (Master Key)
Like giving someone a key to your house — they can do anything.
You get 2 keys per storage account (for rotation). 🔴 Warning: Never share them publicly.
2. Shared Access Signatures (SAS) – Temporary Guest Pass
This lets you create custom links that:
- Only allow read/upload/delete
- Only work for certain files
- Expire after a time (e.g., 1 hour)
Example Use Case: You want to give a vendor access to 1 PDF for 2 hours. You generate a SAS link and send it to them — they can’t see anything else.
🛠️ How to Generate SAS:
- Go to the blob or container
- Click Generate SAS
- Choose permissions + expiry
- Copy the SAS URL
3. Azure AD + RBAC (Company Login + Roles)
This uses your company’s directory to manage permissions.
Instead of managing keys, you assign roles:
- “Reader” can read blobs
- “Contributor” can upload
- “Owner” can delete
This is secure and scalable — and required for enterprises.
♻️ Redundancy – How Azure Keeps Your Data Safe
What if Azure’s data center is destroyed? No problem. Azure keeps multiple copies of your files.
Types:
| Type | Copies | Location | Use Case |
|---|---|---|---|
| LRS | 3 | Same data center | Cheapest, low fault tolerance |
| ZRS | 3 | Across zones in one region | For higher fault tolerance |
| GRS | 6 (3+3) | Two regions | Disaster recovery |
| RA-GRS | GRS + read access to backup | Two regions | Global access in disaster |
🛠️ Set it During Storage Creation:
Pick the one that matches your criticality and budget.
⚙️ Blob Storage Tiers – Pay Based on Usage
Not all data needs to be available instantly. Azure lets you choose how “hot” your files are.
Tiers:
| Tier | Speed | Cost | Use Case |
|---|---|---|---|
| Hot | Fast | High | Recently used files |
| Cool | Slower | Medium | Files accessed monthly |
| Archive | Very slow (hours to retrieve) | Very cheap | Rarely used backups |
🛠️ How to Change Tier:
- Go to blob > Properties > Access Tier
- Change to Cool or Archive
🤖 Lifecycle Management – Automatic Storage Rules
Let’s automate!
You can create rules like:
- After 30 days, move files to Cool tier
- After 1 year, delete them
🛠️ How to Configure:
-
Go to your storage account
-
Click Lifecycle Management
-
Add rule:
- Condition: last modified > 90 days
- Action: move to archive
Azure will do it for you — forever.
🌐 Blob Replication – Create Clones in Other Regions
Let’s say your app is used in the US and India. If your files are stored only in the US, they’ll load slower in India.
Use Object Replication to automatically copy blobs to a second storage account in another region.
This improves:
- Speed for users in other countries
- Disaster recovery
🛠️ How to Set Up:
- Set source and destination storage accounts
- Define replication rules (all blobs or filtered)
- Done — Azure will keep them in sync!
🧷 Immutable Storage – Unchangeable Files
Imagine you store legal documents or financial logs. You don’t want anyone to edit or delete them — not even by mistake.
Use Immutable Policies:
- Time-based: Lock file for 7 years
- Legal hold: Lock until investigation is done
Azure blocks all modifications.
🛠️ To Use:
- Enable versioning and legal hold
- Apply to the container
- Upload files normally — now they’re unchangeable
🔐 Encryption – Your Data Is Always Locked
Azure encrypts every file by default.
You can choose:
- Microsoft-managed keys (default, easy)
- Customer-managed keys (CMK) via Azure Key Vault
- Bring Your Own Key (BYOK) — enterprise option
Even if someone breaks into Azure (which is rare), they can’t read your data without the keys.
🗃️ Azure Files – Shared Drives in the Cloud
Need a traditional file share like \\company\shared?
Azure Files gives you that — but hosted in Azure, with full support for:
- SMB protocol
- Windows/Linux mounting
- Backup and snapshots
🛠️ How to Use:
- Go to your storage account
- Click File Shares
- Create a new share (e.g.,
myfileshare) - Map it on your PC with:
net use Z: \\<storageaccount>.file.core.windows.net\<share>
You now have a cloud-based shared folder!
🔄 Azure File Sync – Local + Cloud Hybrid
Want to keep using your on-prem file server but also sync with Azure?
Azure File Sync:
- Keeps a local copy of recently used files
- Stores all files in the cloud
- Automatically syncs changes
This lets you reduce local storage needs (using cloud tiering) and adds backups + DR.
📦 Azure Storage Data Transfer Tools
Have a lot of data to upload? Use the right tool:
| Tool | Best For |
|---|---|
| AzCopy | CLI tool for uploading GBs of data quickly |
| Azure Storage Explorer | GUI tool for browsing files and containers |
| Azure Data Box | You order a physical disk, copy data locally, ship it to Microsoft |
🧠 Final Words
You now understand not just what Azure Storage is, but how to use it, why it matters, and how to make decisions based on your use case.
This guide is long, but if you truly read and understand it, you’ll be better prepared than 80% of AZ-104 candidates.